Apple's Touch ID may not be bulletproof, but it's still useful

Marco Tabini |
Sept. 25, 2013

Apple's new fingerprint technology may have been hacked, but that doesn't mean you should just give up on it

In addition, if you are like most of the people I know, your iPhone is never far away from your hands and pockets, and you would likely notice its absence in short order--at which point, if you're worried about your information, you will run for the nearest computer and use Find My Phone to disable your device, pronto.

Obviously, this doesn't protect your from, say, a jealous spouse or a determined private investigator; outside of Hollywood fiction, however, those people usually have easier means to gain access to potentially incriminating information--like, say, accessing your home computer after you've gone to work or simply calling up your cellular company and talking a customer support into faxing them a copy of your last bill.

Focus on the good, not the bad In real life, the only people who worry about these kinds of data theft are likely to be too sophisticated and security-conscious to use Touch ID in the first place. And, if they aren't, their digital lives probably have plenty more vulnerabilities that are easier to exploit than playing arts-and-crafts, Mission: Impossible style.

Touch ID was built for the rest of us—people who have fewer skeletons in their closet, but who are still vulnerable to enemies born out of opportunity. According to many statistics, tens of thousands of iPhones are stolen every year across North America. From the thieves' point of view, snatching a smartphone in the street is easy, low in risk, and potentially very rewarding: you end up with a valuable piece of electronics—and, if the phone isn't locked, you also get a peek at enough of a person's information to do some serious damage. (And iOS 7's Activation Lock can at least make it harder for a thief to wipe and resell your phone.)

Passcodes are a good solution to this problem, but they are also inconvenient—so much so that, according to a recent McAfee survey, less than one third of users actually enable them. Touch ID, on the other hand, is very convenient, and its futuristic appeal makes it fun to use, which means that a large number of users may, for the first time, actually protect their data with some level of security.

Marketing gone awry Ultimately, Apple's marketing has done a poor job of explaining Touch ID to the public. Instead of promoting it as an alternative to passcodes, Apple would have probably been better served by selling it as an alternative to, well, nothing, which is what the vast majority of users have chosen as their data protection mechanism of choice.

In practice, Touch ID is safe enough to use for most of us—perhaps not as good as a fifteen-character password, but probably better than a four-digit passcode, and certainly much better than nothing at all.